Cloud computing has many benefits including providing more agility, boosting productivity and helping to reduce capital outlays. Because of the cloud’s popularity IT leaders might feel coerced into considering cloud projects that may or may not make the best sense for the company or fit into an overall IT delivery strategy. Here’s a checklist of the top factors that you should weigh carefully before embarking on any cloud project. And if necessary, these considerations can be used to push back or steer a project in the right direction.

Factor 1: Levels of Security, Compliance and Risk Management

As I point out in my post, “CIO.com survey says: Cloud computing has come of age”security is the number one challenge and concern around cloud computing among IT leaders. You need to ask the right legal questions during the planning process to help ensure a secure cloud environment. Some of those questions are:

· What are the potential risks of putting a specific application in the cloud?

· How sensi­tive is the application’s data?

· Can compliance requirements be met?

· Will the cloud provider’s IT systems integrate with my organization’s architecture, allowing for resiliency and portability?

· Does the cloud provider understand my organization’s unique business requirements, and are the specifics of the service level agreements spelled out and understood by both parties?

Factor 2: Choose the Right Applications

A second area for consideration involves applications. Not all applications are suited to the cloud. You need to carefully review which applications have the right workloads, what is required to move specific applications into the cloud and what impact the cloud could have on application performance. Because you don’t own the resources when you move an application to a public cloud, you can no longer guarantee end-to-end application performance (a reason private clouds are worth considering). Monitoring your applications can be a challenge and you often lose control of the troubleshooting process should problems arise. Most experts caution against moving mission-critical apps to the cloud until you have experience moving less important applications and understand the impacts. That said, many mission critical applications are suited to the cloud (See my recent post: “Dispelling 5 common myths of cloud computing”for more information.) Just make sure you have the means to create a service catalog and a way to automate business critical applications such as ones from SAP, Microsoft and Oracle.

Before moving any applications to the cloud, the IT staff must think through how the program will integrate with existing IT architecture. For example, if the application is moved into a hybrid environment, how will load balancing be implemented? What about backup and recovery of data? How will dynamic resource management be accomplished?

Factor 4: Don’t Forget Legal Implications

As with most things IT these days, you need to think like a lawyer when moving to the cloud. Service-provider contracts are especially important. Make sure any contract you sign meets your needs, has flexibility and covers your liability. (For a longer discussion of this topic, I recommend a post written by my colleague Paul Muller, “Look before you click: 10 questions to ask before agreeing to a cloud services contract.”) And it goes without saying that any cloud service provider needs to comply with all jurisdictional, federal and industry regulations. Make sure your cloud provider offers the same privacy protections that your company, industry or law requires. Does the service provider have data-breach or business interruption insurance? How will your business be affected if the service provider has problems? If in doubt, contact your legal department before proceeding.

Considering these factors will take time up front, but will help pave the way for more successful cloud implementations. A new Enterprise CIO Forum white paper provides more details about these key cloud computing considerations. Download the white paper for the full report.